Regional Family Medicine reports data breach after recent IT downtime

Regional Family Medicine, a healthcare provider located in Mountain Home, Arkansas, previously known as Kerr Medical Center, officially reported a data breach, initially thought to be a simple IT issue but was later identified as a cyberattack.

The initial signs of the breach appeared as an IT outage on June 26, 2023, which led Regional Family Medicine to engage data security experts for an in-depth investigation. This probe revealed that from June 8 to June 26, 2023, an unauthorized party had infiltrated their network and potentially accessed or acquired files containing sensitive patient information.

During the breach an unauthorized entity gained access to personal information of consumers. The compromised data included:

• names,
• Social Security numbers,
• driver’s license or state ID numbers,
• birth dates,
• biometric details,
• medical records,
• health insurance data,
• account numbers,
• employment evaluations.

No details are disclosed about the nature of the attack.

Regional Family Medicine concluded its investigation into this breach and commenced the process of notifying the 80,166 individuals whose data was compromised.

Notifications sent out on December 12, 2023, aimed to inform affected individuals about the specific details of their compromised data.